Navigation :
Kubernetes GCP Detect Sensitive Object Access
Description
This search provides information on Kubernetes accounts accessing sensitve objects such as configmaps or secrets
Help |
---|
Kubernetes GCP Detect Sensitive Object Access HelpYou must install splunk add on for GCP . This search works with pubsub messaging service logs. |
Search |
---|
`google_gcp_pubsub_message` data.protoPayload.authorizationInfo{}.resource=configmaps OR secrets | table data.protoPayload.requestMetadata.callerIp src_user data.resource.labels.cluster_name data.protoPayload.request.metadata.namespace data.labels.authorization.k8s.io/decision | dedup data.protoPayload.requestMetadata.callerIp src_user data.resource.labels.cluster_name |`kubernetes_gcp_detect_sensitive_object_access_filter` Open in Search |